diff options
author | David von Oheimb <David.von.Oheimb@siemens.com> | 2019-03-19 09:35:03 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2019-03-19 09:35:03 +1000 |
commit | 529586085e38487d45974817d4f3ff40f30e19f6 (patch) | |
tree | b2a9e7cb22c13db7b6a800ad7b47ddedf13a94d0 /test/recipes/25-test_x509.t | |
parent | 8a74bb5c7becbd7492f4445b852602c3e88ba143 (diff) | |
download | openssl-new-529586085e38487d45974817d4f3ff40f30e19f6.tar.gz |
Add -new and -subj options to x509 app for direct cert generation
Complete and improve error output of parse_name() in apps/apps.c
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8193)
Diffstat (limited to 'test/recipes/25-test_x509.t')
-rw-r--r-- | test/recipes/25-test_x509.t | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/test/recipes/25-test_x509.t b/test/recipes/25-test_x509.t index 0703e087a3..2ff49f6243 100644 --- a/test/recipes/25-test_x509.t +++ b/test/recipes/25-test_x509.t @@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_x509"); -plan tests => 9; +plan tests => 10; require_ok(srctop_file('test','recipes','tconversion.pl')); @@ -34,6 +34,25 @@ is(cmp_text($out, srctop_file("test/certs", "cyrillic.utf8")), 0, 'Comparing utf8 output'); unlink $out; +# producing and checking self-issued (but not self-signed) cert +my @path = qw(test certs); +my $subj = "/CN=CA"; # using same DN as in issuer of ee-cert.pem +my $pkey = srctop_file(@path, "ca-key.pem"); # issuer private key +my $pubkey = "ca-pubkey.pem"; # the corresponding issuer public key +# use any (different) key for signing our self-issued cert: +my $signkey = srctop_file(@path, "ee-ecdsa-key.pem"); +my $selfout = "self-issued.out"; +my $testcert = srctop_file(@path, "ee-cert.pem"); +ok(run(app(["openssl", "pkey", "-in", $pkey, "-pubout", "-out", $pubkey])) + && + run(app(["openssl", "x509", "-new", "-force_pubkey", $pubkey, + "-subj", $subj, "-signkey", $signkey, "-out", $selfout])) + && + run(app(["openssl", "verify", "-no_check_time", + "-trusted", $selfout, $testcert]))); +unlink $pubkey; +unlink $selfout; + subtest 'x509 -- x.509 v1 certificate' => sub { tconversion("x509", srctop_file("test","testx509.pem")); }; |